credential

package

v1.1.0 Latest Latest Go to latest Published: May 23, 2022 License: GPL-3.0 Imports: 8 Imported by: 5

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/nuts-foundation/nuts-node

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
Variables
func ExtractTypes(credential vc.VerifiableCredential) []string
func FindValidatorAndBuilder(credential vc.VerifiableCredential) (Validator, Builder)
func ValidExplicitNutsAuthorizationCredential() *vc.VerifiableCredential
func Validate(credential vc.VerifiableCredential) error
func ValidateRevocation(r Revocation) error
type BaseCredentialSubject
type Builder
type Evidence
type LegalBase
type NutsAuthorizationCredentialSubject
type NutsOrganizationCredentialSubject
type Resource
type Revocation
- func BuildRevocation(credential vc.VerifiableCredential) Revocation
type Validator

Constants ¶

View Source

const (
	// NutsOrganizationCredentialType is the VC type for a NutsOrganizationCredential
	NutsOrganizationCredentialType = "NutsOrganizationCredential"
	// NutsAuthorizationCredentialType is the VC type for a NutsAuthorizationCredential
	NutsAuthorizationCredentialType = "NutsAuthorizationCredential"
	// NutsContext is the nuts specific json-ld context
	NutsContext = "https://nuts.nl/credentials/v1"
)

Variables ¶

View Source

var (
	// NutsOrganizationCredentialTypeURI is the VC type for a NutsOrganizationCredentialType as URI
	NutsOrganizationCredentialTypeURI, _ = ssi.ParseURI(NutsOrganizationCredentialType)
	// NutsAuthorizationCredentialTypeURI is the VC type for a NutsAuthorizationCredentialType as URI
	NutsAuthorizationCredentialTypeURI, _ = ssi.ParseURI(NutsAuthorizationCredentialType)
	// NutsContextURI is the nuts specific json-ld context as URI
	NutsContextURI, _ = ssi.ParseURI(NutsContext)
)

View Source

var ErrValidation = errors.New("validation failed")

ErrValidation is a common error indicating validation failed

View Source

var RevocationType = ssi.MustParseURI("CredentialRevocation")

RevocationType contains the JSON-LD type for a revocation

Functions ¶

func ExtractTypes ¶

func ExtractTypes(credential vc.VerifiableCredential) []string

ExtractTypes extract additional VC types from the VC as strings It removes the default `VerifiableCredential` type from the types, returns the rest.

func FindValidatorAndBuilder ¶

func FindValidatorAndBuilder(credential vc.VerifiableCredential) (Validator, Builder)

FindValidatorAndBuilder finds the Validator and Builder for the credential Type It only supports VCs with one additional type next to the default VerifiableCredential type. When no additional type is provided, it returns the default validator and a nil builder

func ValidExplicitNutsAuthorizationCredential ¶

func ValidExplicitNutsAuthorizationCredential() *vc.VerifiableCredential

func Validate ¶

func Validate(credential vc.VerifiableCredential) error

Validate the default fields. This is credential type independent.

func ValidateRevocation ¶

func ValidateRevocation(r Revocation) error

ValidateRevocation checks if a revocation record contains the required fields and if fields have the correct value.

Types ¶

type BaseCredentialSubject ¶

type BaseCredentialSubject struct {
	ID string `json:"id"`
}

BaseCredentialSubject defines the CredentialSubject struct for fields that are shared amongst all CredentialSubjects

type Builder ¶

type Builder interface {
	// Type returns the matching Verifiable Credential type
	Type() string
	// Fill sets the defaults for common fields
	Fill(vc *vc.VerifiableCredential)
}

Builder is an abstraction for extending a partial VC into a fully valid VC

type Evidence ¶

type Evidence struct {
	// Path is the relative path (relative to the FHIR base path of the mentioned service)
	Path string `json:"path"`
	// Type indicates the MIME type of the resource.
	Type string `json:"type"`
}

Evidence is part of the NutsAuthorizationCredential credentialSubject.legalBase

type LegalBase ¶

type LegalBase struct {
	// ConsentType defines the type of consent that has been given (implied or explicit)
	ConsentType string `json:"consentType"`
	// Evidence contains a link to a resource when ConsentType == 'explicit'
	Evidence *Evidence `json:"evidence"`
}

LegalBase is part of the NutsAuthorizationCredential credentialSubject

type NutsAuthorizationCredentialSubject ¶

type NutsAuthorizationCredentialSubject struct {
	// ID contains the DID of the subject
	ID string `json:"id"`
	// LegalBase contains information about the type of consent that is the basis for the authorization.
	LegalBase LegalBase `json:"legalBase"`
	// PurposeOfUse refers to the Bolt access policy
	PurposeOfUse string `json:"purposeOfUse"`
	// Resources contains additional individual resources that can be accessed.
	Resources []Resource `json:"resources"`
	// Subject contains a URN referring to the subject of care (not the credential subject)
	Subject *string `json:"subject"`
}

NutsAuthorizationCredentialSubject defines the CredentialSubject struct for the NutsAuthorizationCredential

type NutsOrganizationCredentialSubject ¶

type NutsOrganizationCredentialSubject struct {
	ID           string            `json:"id"`
	Organization map[string]string `json:"organization"`
}

NutsOrganizationCredentialSubject defines the CredentialSubject struct for the NutsOrganizationCredential

type Resource ¶

type Resource struct {
	// Path defines the path of the resource relative to the service base URL.
	// Which service acts as base URL is described by the Bolt.
	Path string `json:"path"`
	// Operations define which operations are allowed on the resource.
	Operations []string `json:"operations"`
	// UserContext defines if a user login contract is required for the resource.
	UserContext bool `json:"userContext"`
}

Resource defines a single accessbile resource

type Revocation ¶

type Revocation struct {
	// Context contains the json-ld contexts
	Context []ssi.URI `json:"@context,omitempty"`
	// Type contains the json-ld type, usually this is CredentialRevocation
	Type []ssi.URI `json:"type,omitempty"`
	// Issuer refers to the party that issued the credential
	Issuer ssi.URI `json:"issuer"`
	// Subject refers to the VC that is revoked
	Subject ssi.URI `json:"subject"`
	// Reason describes why the VC has been revoked
	Reason string `json:"reason,omitempty"`
	// Date is a rfc3339 formatted datetime.
	Date time.Time `json:"date"`
	// Proof contains the cryptographic proof(s). It must be extracted using the Proofs method or UnmarshalProofValue method for non-generic proof fields.
	Proof *vc.JSONWebSignature2020Proof `json:"proof,omitempty"`
}

Revocation defines a proof that a VC has been revoked by it's issuer.

func BuildRevocation ¶

func BuildRevocation(credential vc.VerifiableCredential) Revocation

BuildRevocation generates a revocation based on the credential

type Validator ¶

type Validator interface {
	// Validate the given credential according to the rules of the VC type.
	Validate(credential vc.VerifiableCredential) error
}

Validator is the interface specific VC verification. Every VC will have its own rules of verification.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL